diff --git a/Gemfile b/Gemfile index cdb2a955..eed522ed 100644 --- a/Gemfile +++ b/Gemfile @@ -33,8 +33,9 @@ gem 'multipart-post' gem 'net-ldap' gem 'net-sftp' gem 'nokogiri', '~> 1.16' -gem 'omniauth', '~> 1.9' +gem 'omniauth' gem 'omniauth-cas' +gem 'omniauth-rails_csrf_protection' gem 'open3' gem 'pg' # Use Puma as the app server diff --git a/Gemfile.lock b/Gemfile.lock index 75badef8..05356d42 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -293,19 +293,23 @@ GEM net-protocol net-ssh (7.2.1) nio4r (2.7.1) - nokogiri (1.16.5-arm64-darwin) + nokogiri (1.16.6-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.5-x86_64-darwin) + nokogiri (1.16.6-x86_64-darwin) racc (~> 1.4) - nokogiri (1.16.5-x86_64-linux) + nokogiri (1.16.6-x86_64-linux) racc (~> 1.4) - omniauth (1.9.2) + omniauth (2.1.2) hashie (>= 3.4.6) - rack (>= 1.6.2, < 3) - omniauth-cas (2.0.0) - addressable (~> 2.3) - nokogiri (~> 1.5) - omniauth (~> 1.2) + rack (>= 2.2.3) + rack-protection + omniauth-cas (3.0.0) + addressable (~> 2.8) + nokogiri (~> 1.12) + omniauth (~> 2.1) + omniauth-rails_csrf_protection (1.0.2) + actionpack (>= 4.2) + omniauth (~> 2.0) open3 (0.2.1) orm_adapter (0.5.0) parallel (1.24.0) @@ -321,11 +325,14 @@ GEM pry (>= 0.13, < 0.15) psych (5.1.2) stringio - public_suffix (5.0.4) + public_suffix (5.1.1) puma (6.4.2) nio4r (~> 2.0) racc (1.8.0) rack (2.2.9) + rack-protection (3.2.0) + base64 (>= 0.1.0) + rack (~> 2.2, >= 2.2.4) rack-proxy (0.7.7) rack rack-session (1.0.2) @@ -579,8 +586,9 @@ DEPENDENCIES net-ldap net-sftp nokogiri (~> 1.16) - omniauth (~> 1.9) + omniauth omniauth-cas + omniauth-rails_csrf_protection open3 pg pry-byebug diff --git a/spec/requests/users_request_spec.rb b/spec/requests/users_request_spec.rb index a51bf449..ff5bc095 100644 --- a/spec/requests/users_request_spec.rb +++ b/spec/requests/users_request_spec.rb @@ -33,7 +33,7 @@ ) allow(User).to receive(:from_omniauth).and_return(user) - get user_cas_omniauth_authorize_path + post user_cas_omniauth_authorize_path end after do